[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: gnu: tar: Replace with 1.34 [fixes CVE-2021-20193
|
From: |
guix-commits |
|
Subject: |
branch master updated: gnu: tar: Replace with 1.34 [fixes CVE-2021-20193]. |
|
Date: |
Fri, 12 Nov 2021 02:53:17 -0500 |
This is an automated email from the git hooks/post-receive script.
mhw pushed a commit to branch master
in repository guix.
The following commit(s) were added to refs/heads/master by this push:
new 33a80e1 gnu: tar: Replace with 1.34 [fixes CVE-2021-20193].
33a80e1 is described below
commit 33a80e111096b05af3d60576dfcb2d67099dc60e
Author: Mark H Weaver <mhw@netris.org>
AuthorDate: Sat Nov 6 05:52:51 2021 -0400
gnu: tar: Replace with 1.34 [fixes CVE-2021-20193].
* gnu/packages/base.scm (tar)[replacement]: New field.
(tar-1.34): New variable.
---
gnu/packages/base.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index ea2e102..77731d3 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -180,6 +180,7 @@ implementation offers several extensions over the standard
utility.")
(package
(name "tar")
(version "1.32")
+ (replacement tar-1.34)
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/tar/tar-"
@@ -234,6 +235,21 @@ standard utility.")
(license gpl3+)
(home-page "https://www.gnu.org/software/tar/";)))
+(define-public tar-1.34 ; fixes CVE-2021-20193
+ (package
+ (inherit tar)
+ (version "1.34")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnu/tar/tar-"
+ version ".tar.xz"))
+ (sha256
+ (base32
+ "0a0x87anh9chbi2cgcyy7pmnm5hzk4yd1w2j8gm1wplwhwkbvgk3"))
+ (patches
+ (search-patches "tar-skip-unreliable-tests.patch"
+ "tar-remove-wholesparse-check.patch"))))))
+
(define-public patch
(package
(name "patch")
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: gnu: tar: Replace with 1.34 [fixes CVE-2021-20193].,
guix-commits <=